ansaurus

Question

Form validation

Answer 1

+1 A:

It's good to use javascript for form validation, but you shouldn't rely on it. The first thing to do is to check the values in $_POST in PHP, and make sure they're something valid looking (or at the very least, check that they're not "").

To check with javascript, you would put an onSubmit="..." in the form tag, which returns false if the form data is invalid (meaning "don't submit the form"). And you'd also probably want an alert, or you could modify the page somehow to indicate the problem. I'm not going to write out a form validation script for you though.

crimson_penguin 2010-03-28 23:26:21

Answer 2

A:

You can do JavaScript validation by using the submit button to call a JavaScript function instead of submitting the form. If the data passes your validation criteria, the JavaScript function can then submit the data. However, you should not rely completely on JavaScript validation. If the user has JavaScript disabled, their data will not be validated, so your PHP application must be robust enough to handle blank data. It isn't just blank data that you need to be concerned with, though. You need to validate the user input for garbage and sanitize the data before using it in the database.

HaleFx 2010-03-28 23:28:15

Answer 3

A:

I don't know the exact PHP syntax, but I'll write some pseudo-code that ought to do the trick. The basic idea is when you retrieve the $_POST values, you'll want to create a new hash that has values that are acceptable and then you can pass that hash to whatever methods needs to build out queries or whatever. The way I'll do this is to remove invalid values from the hash entirely, so it appears they were never there. Obviously, you can do this differently (mark them as invalid, etc).

$cleaned_args = array();

foreach ($_POST as $key => $value) {
    if ($_POST[$key] != "" && is_valid_email($_POST[$key])) {
        $cleaned_args[$key] = $_POST[$key];
    }

make_db_call_or_whatever($cleaned_args);

where is_valid_email is a method that maybe PHP has or you have to write. You could even generalize the if clause into an is_valid($_POST[arg]) method if you want, but it depends on how complex the situation is.

Hopefully, this helps to give you an idea of how to do this. I think this will be easier than dynamically removing inputs with JavaScript before the form submission and, as mentioned, will be more secure than doing it only on the client side.

Bialecki 2010-03-28 23:33:32

Answer 4

A:

As others have said, it's bad practise to rely on javascript as your only form of validation. Look to javascript as a way to help your users submit valid data - but you should always validate on the server side. With that in mind, here's my suggestion:

<form method="post" action="thank_you.php">
         Name: <input type="text" size="28" name="name1" />
            E-mail: <input type="text" size="28" name="email1" />
            <br />
         Name: <input type="text" size="28" name="name2" />
            E-mail: <input type="text" size="28" name="email2" />
            <br />
         Name: <input type="text" size="28" name="name3" />
            E-mail: <input type="text" size="28" name="email3" />
            <br />
         Name: <input type="text" size="28" name="name4" />
            E-mail: <input type="text" size="28" name="email4" />

            <input type="image" src="images/btn_s.jpg" />
</form>

<?php

$num = 4; //Number of times the field is repeated

for($i = 1; $i <= $num; $i++){
   if($_POST['name'.$i] != '' && $_POST['email'.$i] !=''){ //Only process if name and email are not blank
      $thisname = $_POST['name'.$i];
      $thisemail = $_POST['email'.$i];
      //Your code here
   }
}

?>

Iain Fraser 2010-03-28 23:40:32

Answer 5

A:

Thanx for all the answers guys, it worked a treat, I am still busy with the development of the page, but I'll update you guys as it goes along.

Thanx again!

2010-03-31 10:30:07

ansaurus

tags:

views:

answers:

Form validation

related questions